Fortinet NSE6_OTS_AR-7.6 Exam - Topic 2 Question 6 Discussion

The correct answers are B and C. The study guide states that ''You can use application control signatures to detect OT protocols'' and that ''Application control detects the protocols used in applications like Modbus, IEC 104, and the contents of the telecontrol messages''. It also shows that a Modbus application control profile can be enabled on a firewall policy ''for OT protocol visibility in the monitor status.'' This directly supports B, because application control is the feature used to identify and monitor OT protocols on FortiGate.

The guide also explains under IPS that ''By default, OT signatures are excluded from the signatures lists on the GUI until you enable them on the CLI'' using config ips global and set exclude-signatures none. Once enabled, FortiGate can use those OT signatures for OT-aware inspection and protection. That supports C as the second required configuration. A is related to device discovery, not protocol identification, and D is focused on exploit and vulnerability detection rather than the first-step goal of identifying OT protocols.